VYPR
Unrated severityNVD Advisory· Published Sep 6, 2012· Updated Jun 16, 2026

CVE-2012-2741

CVE-2012-2741

Description

Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ in phpList before 2.10.18 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a reconcileusers action.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • Phplist/Phplist17 versions
    cpe:2.3:a:phplist:phplist:*:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:phplist:phplist:*:*:*:*:*:*:*:*range: <=2.10.17
    • cpe:2.3:a:phplist:phplist:2.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.10:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.11:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.12:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.13:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.14:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.15:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.16:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.2:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.3:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.4:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.5:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.7:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.8:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.9:*:*:*:*:*:*:*
    • (no CPE)range: <2.10.18

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.